A spreadsheet mistakenly published, a backup tape left in the back seat of a car and a forgotten server humming quietly in a corner all have two things in common. First, they all resulted in at least one well-publicized security incident in the state of Ohio. Second, they all could have been avoided by following basic information security best practices.

Matthew Dalton, director of information security in the Office of Information Technology (OIT), wants to make sure those best practices become common knowledge at Ohio University. To that end, OIT is offering online training in sensitive data handling to all academic and administrative departments.

The course, available via Blackboard, focuses on the five stages of dealing with sensitive data: identification, collection, communication, storage and disposal. Dalton said such training eventually will be required for all university employees. In the meantime, OIT is looking for volunteers interested in improving their security awareness. Dalton asks that interested departments sign up as a unit rather than having their employees do so individually.